I'am trying to connect a WebRTC C client to a Java Server under CometD through Websocket.
The problem is that, it is not possible to use regular websocket libraries like "Libwebsockets" to handshake the Java Bayeux Server.
Is there any C library that allows us to handshake a Bayeux Server or let us make a custom handshake form ?
If not, i will have to code my own connector.
This scenario taken into account, do you have any ideas where to start or
what to use to allow me to make a custom handshake form in C ?
Any help would be much appreciated.
The Bayeux protocol is defined here.
In itself, the protocol is quite simple, and there are two implementations in the CometD project: one in JavaScript and one in Java.
A C implementation was discussed a while back, but lacked traction, so it was never implemented.
Perhaps it won't be impossible to call the Java implementation via JNI, but of course that has its drawbacks.
You are more than welcome to discuss this in the CometD mailing list or on a CometD issue.
Related
I have been struggling with this for long . I want to do something similar to what is mentioned in
XMPP with Java Asmack library supporting X-FACEBOOK-PLATFORM
I am going to prepare my custom SASL mechanism and similarly, on the XMPP server side, we are going to register for that mechanism so that we can authenticate the user using our designed protocol rather than the default authentication of smack client and XMPP server.
Do I want to know how can I register that custom SASL mechanism using my smack client?
I can't find anything online, all I can see is previous snippets of code using old methods like:
SASLAuthentication.supportSASLMechanism(SASLAuthentication)
These mnethods like SUpportSASLMechanism don't even exist anymore in the smack libraries.
Can anyone please suggest something.
I have been looking at tutorials like this, java websockets using Tyrus and I see a server implementation, a java client, and a javascript client. I was expecting only a server implementation and a javascript client to handle messages from the server. Why is there a java client? If I am running my application with a browser then do I skip the Java client?
Yes. It's just an example, they could have Ruby, Python and C clients too. It just shows that it's not limited to only Javascript clients.
Im developing a little serverside api to use with a java client (which i wrote too).
The api is written with jersey (RESTful) und running on a tomcat server. The data it provides is passed to the client as Json-String and all communication is performed via Http.
I now want to ensure that only my own client programm is able to access the api (At the moment, as its http, everyone could receive the json data via an ordinary browser). Therefor, im looking for a way to "identify" my clientside programm to the api with a key or something like that. I first thought about using the user-agent for identification, but this could easily be copied. So i need some kind of key which changes dynamically or something like that.
Whats a good way to do that?
I searched in the net but didnt find a proper answer (maybe wrong keywords?), so im happy for every hint and/or link about that topic.
Edit: The client side programm is an android app. I want to make sure noone is creating a similar app and use my server for his purpose.
If the attacker has a the client in his possession, there's almost no security that can't eventually be compromised.
A good start, that's fairly out of box is bi-directional SSL authentication (Client and Server certificates). This is supported out of the box and requires little code changes.
I need some general design advices from you. I plan to implement a client to client communication, using a gae server as message router. There are several clients associated to specific users. I planned to use google accaunts for user identification.
But I am not sure how to secure the users data, so that their data is only accessible by them selves. Am I right to use OAuth to protect the communication?
Can anyone direct me into how to use that? I found the google-oauth-java-client, but didn't found any easy to understand tutorial on how to implement a secure communication between a client and gae server.
Excessive googling brought me to that blog post:
http://fabiouechi.blogspot.de/2011/11/using-google-oauth-java-client-to.html
together with the there in linked blog post:
http://ikaisays.com/2011/05/26/setting-up-an-oauth-provider-on-google-app-engine/
I was able to get my example working!
I have a Java client that calls a web service at the moment using the Http protocol.
When i try to use the Https protocol i keep getting this error
java.io.IOException: DerInputStream.getLength(): lengthTag=127, too big.
Any ideas what could be up?
Thanks
Damien
Due to american export regulations in encryption technologies, you can't use strong encryption out of the box. Your error looks like you (or your framework) is trying to use strong encryption, and other parts of the framework is not allowing it.
A discussion of a case that looks similar to yours can be found here.
A good crypto provider is BouncyCastle. Takes some reading, but it's not that hard to make it work.
Good luck,
Are you sure you are connecting your HTTPS client to the server port that talks over HTTPS (TLS/SSL) rather than HTTP?
YOu have to pass the keystore type from the client. This error should go then.